From owner-freebsd-current@FreeBSD.ORG Thu Jun 12 22:44:14 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A494B4C5 for ; Thu, 12 Jun 2014 22:44:14 +0000 (UTC) Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de [130.133.4.66]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 371B52187 for ; Thu, 12 Jun 2014 22:44:13 +0000 (UTC) Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69]) by outpost.zedat.fu-berlin.de (Exim 4.82) with esmtp (envelope-from ) id <1WvDj9-0026j2-QY>; Fri, 13 Jun 2014 00:44:11 +0200 Received: from g226177179.adsl.alicedsl.de ([92.226.177.179] helo=thor.walstatt.dynvpn.de) by inpost2.zedat.fu-berlin.de (Exim 4.82) with esmtpsa (envelope-from ) id <1WvDj9-0008Il-MR>; Fri, 13 Jun 2014 00:44:11 +0200 Date: Fri, 13 Jun 2014 00:44:06 +0200 From: "O. Hartmann" To: "Steven Hartland" Subject: Re: 11.0-CURRENT #1 r267422: OpenLDAP fails to startup out of the blue after buildworld Message-ID: <20140613004406.27955807.ohartman@zedat.fu-berlin.de> In-Reply-To: <9C4B004B82984D7688EF110733F2D1D0@multiplay.co.uk> References: <20140612230659.37f5b528@munin.walstatt.dyndns.org> <9C4B004B82984D7688EF110733F2D1D0@multiplay.co.uk> Organization: FU Berlin X-Mailer: Claws Mail 3.10.1 (GTK+ 2.24.22; amd64-portbld-freebsd11.0) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; boundary="Sig_/WgQH2kNYXjk+/X1yxsjB+x7"; protocol="application/pgp-signature" X-Originating-IP: 92.226.177.179 X-ZEDAT-Hint: A Cc: FreeBSD CURRENT X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jun 2014 22:44:14 -0000 --Sig_/WgQH2kNYXjk+/X1yxsjB+x7 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Am Thu, 12 Jun 2014 22:37:59 +0100 "Steven Hartland" schrieb: > I've nevery used this but Error 13 is permission denied in errno.h > so I've guessing something has messed with some permissions possibly > a file permission there somewhere? >=20 > If its not obvious, the you could try run it under truss to see what > is returning error 13. >=20 > Regards > Steve > ----- Original Message -----=20 > From: "O. Hartmann" >=20 > After updating ports yesterday with all this ICU update horror today > slapd rejects to start out of the blue after months of working like a > charm: >=20 > [...] > 5399feba slapd startup: initiated. > 5399feba backend_startup_one: starting "cn=3Dconfig" > 5399feba config_back_db_open > 5399feba send_ldap_result: conn=3D-1 op=3D0 p=3D0 > 5399feba backend_startup_one: starting "dc=3Ddumami" > 5399feba mdb_db_open: database "dc=3Ddumami": > dbenv_open(/var/db/openldap-data/). 5399feba mdb_db_open: database > "dc=3Ddumami" cannot be opened, err 13. Restore from > backup! 5399feba backend_startup_one (type=3Dmdb, > suffix=3D"dc=3Ddumami"): bi_db_open failed! (13) 5399feba > slapd shutdown: initiated 5399feba slapd destroy: freeing system > resources. 5399feba syncinfo_free: rid=3D001 5399feba syncinfo_free: > rid=3D003 5399feba slapd stopped. > /usr/local/etc/rc.d/slapd: WARNING: failed to start slapd >=20 > According to that useless "suggestion" to restore from backup, I > restored the configuration and the users from backups. slapadd works > fine. But then starting the server fails again. >=20 > Via "portmaster -f openldap24-server" I tried to rebuild all ports > necessary for that fragile OpenLDAP thing, but still no success. I can > not find any hints in the log (using -d1 or -d257 starting slapd) > except the failure shown above. Since the very same configuration and > dataset worked for months now and even after the massive icu-related > update of ports yesterday (ended by restarting slapd), I wouldn't > expect any usefull hint. >=20 > Can anybody offer suggestions, please? I'm out of ideas. I find it very > strange. >=20 > Regards, > Oliver Well, several things went terribly wrong and they got still a amplification as my= panic level rose up. First: after the update of several ports and the recompilation of openldap24-server/client (I recompiled them without the problems these days= , too), slapd seemed to have complained about several issues with the DIT configuration. = After I switched from HDB to MDB, I edited the config LDIFs manually. Somehow I mad= e hidden mistakes. They have been fixed by now. Second: fiddling arounf with slapcat/slapadd changes ownership of the confi= g files and so of the database file in /var/db which reflects the ID of the creator - whic= h is/was root and not expected user ldap. That triggered the error 13 as reported. Because I oversaw one error message type over the other when "fixing' one p= roblem and the other still persisted, I didn't realise what was going on! The problem was = manifold and selfbrewn! I fixed the syntax problems regarding the HDB <-> MDB problemacy and so I f= ixed then owndership. now everything works fine as expected. --Sig_/WgQH2kNYXjk+/X1yxsjB+x7 Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJTmi07AAoJEOgBcD7A/5N8ZQUH+QGofO3qoZY35DZ2CGQ0a9tv hoLh6m+s4OAdK6aPehkK7HjW/1u0t2H4U8615iyOpBgHxvlqy6eL2OMEQjnV0ekd 16GOHqxCQa1ZQBE9n2pu6VhDlmI/WMaSGlyhIvm3PtsltnYtjBd1pDQhCuME7l89 rracP2dnSWI0Lzyu3yW8pgRg+krVQ17x8gup/zwJy6xtxoxQLu5XTKdWqgw9Y/pB BM1FCXZ3LycMmWHhwvmfycQ7K37BBUhtzXRbXjaBIsJX6PD//HOHQZ1IttrH4TpC CtIEib2a1cdKPdCCE9Dmvl0r9CACOACRw9KPvNHsPXufPMyyw7cE1Ox1HU21ihM= =ygw/ -----END PGP SIGNATURE----- --Sig_/WgQH2kNYXjk+/X1yxsjB+x7--